From patchwork Wed Jan 11 12:04:09 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Natalia Petrova X-Patchwork-Id: 41952 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:4e01:0:0:0:0:0 with SMTP id p1csp3284173wrt; Wed, 11 Jan 2023 04:14:53 -0800 (PST) X-Google-Smtp-Source: AMrXdXsTyG19nv54+npE2bexq82luTATrEuSHxN0E4Ec6jwaS/etJMaz2Ex5w5Ttt8TK4OBCwPbn X-Received: by 2002:a17:906:2849:b0:7b8:882d:43ef with SMTP id s9-20020a170906284900b007b8882d43efmr61272651ejc.0.1673439293629; Wed, 11 Jan 2023 04:14:53 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1673439293; cv=none; d=google.com; s=arc-20160816; b=0SUvqPvJqmVnVWCkrl45o6hI5pRERO5c/vJidHfzO/sG8Ivv026VAWodObBcegJapg OsaI1TsMP9MCpFNNSdAgBOz7ZZvIkg+jCtG7/XMEiCX8aOCnvSB+5oYnxCjSmW2EKVUL ocaHXjz3zODkcsxxhLpGwLV3omhGEYpvyLiG6P5cUhxOyZfOO1vaIpJYCvRmL9U1hGnC eRtr3P4c5u2v6rN1KGIZfS/RFaa2CNh+elp2BXw//s9G3Qzyx4TKnyd1Rbdh4nf3AQ5/ fFKbBGD02QLQtue4P/qk4BmDDgXXc7QcMM2V+EuRVWTHhsDNKbEhwqOho7FdG45Um7qj Vt6w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from; bh=eswjVjUBsd8dPqvAkgLliiGbiLEVIjPzwf1Ueh0iKWs=; b=OnQlAtdBA2z2Hec6iJOvEfcBp6zc8apw7LUDjJgqJlYr9ggWY8jVf5ye+LXzaESEqS d5v/+KkPvE7nXsQURslTiIJmLxp+FH3bIM1m4RsS3wZKB2ag/1u9g1BeaLfHS7TtxwYT zt5PQkuKRjicTCyI6LLs3dCPtOC82gi56HMreaYcEawr2WCn4+szcRKkAxL2GcQrUXFe 0PzU+TTcjOdd0cXs5f3Ezdd5IMQb6wss9mlz8z6fggkOAHwRcGVNUmm1eaah3Gotn+1A lEz4rgg+lhYDI7cuoNm3YuCyvldFMKrK/i+mAJnSZqEa0oUs+qWysP2TT1UjX+6VFGWx FNAA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id nd15-20020a170907628f00b007da4fe085desi15772386ejc.157.2023.01.11.04.14.30; Wed, 11 Jan 2023 04:14:53 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233184AbjAKMFt (ORCPT + 99 others); Wed, 11 Jan 2023 07:05:49 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55258 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S239294AbjAKMEd (ORCPT ); Wed, 11 Jan 2023 07:04:33 -0500 Received: from exchange.fintech.ru (exchange.fintech.ru [195.54.195.159]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E78A425D3 for ; Wed, 11 Jan 2023 04:04:13 -0800 (PST) Received: from Ex16-01.fintech.ru (10.0.10.18) by exchange.fintech.ru (195.54.195.159) with Microsoft SMTP Server (TLS) id 14.3.498.0; Wed, 11 Jan 2023 15:04:12 +0300 Received: from KANASHIN1.fintech.ru (10.0.253.125) by Ex16-01.fintech.ru (10.0.10.18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.4; Wed, 11 Jan 2023 15:04:11 +0300 From: Natalia Petrova To: Steven Rostedt CC: Natalia Petrova , Ingo Molnar , , Subject: [PATCH] trace_events_hist: add check for return value of 'create_hist_field' Date: Wed, 11 Jan 2023 15:04:09 +0300 Message-ID: <20230111120409.4111-1-n.petrova@fintech.ru> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 X-Originating-IP: [10.0.253.125] X-ClientProxiedBy: Ex16-01.fintech.ru (10.0.10.18) To Ex16-01.fintech.ru (10.0.10.18) X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1754728280872282981?= X-GMAIL-MSGID: =?utf-8?q?1754728280872282981?= Function 'create_hist_field' is called recursively at trace_events_hist.c:1954 and can return NULL-value that's why we have to check it to avoid null pointer dereference. Found by Linux Verification Center (linuxtesting.org) with SVACE. Fixes: 30350d65ac56 ("tracing: Add variable support to hist triggers") Signed-off-by: Natalia Petrova --- kernel/trace/trace_events_hist.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/kernel/trace/trace_events_hist.c b/kernel/trace/trace_events_hist.c index fdf784620c28..9c8c1614a78e 100644 --- a/kernel/trace/trace_events_hist.c +++ b/kernel/trace/trace_events_hist.c @@ -1952,6 +1952,8 @@ static struct hist_field *create_hist_field(struct hist_trigger_data *hist_data, hist_field->fn = flags & HIST_FIELD_FL_LOG2 ? hist_field_log2 : hist_field_bucket; hist_field->operands[0] = create_hist_field(hist_data, field, fl, NULL); + if (!hist_field->operands[0]) + goto free; hist_field->size = hist_field->operands[0]->size; hist_field->type = kstrdup_const(hist_field->operands[0]->type, GFP_KERNEL); if (!hist_field->type)